├── .kickme ├── README.md ├── buildbase-alpine ├── Dockerfile └── README.md ├── buildbase-debian ├── Dockerfile └── README.md ├── ci-testing ├── Dockerfile └── README.md ├── mirage-toolchain-hw-x86_64 ├── Dockerfile ├── README.md ├── entrypoint.sh └── rumprun-qemu ├── packages-hw-i686 ├── Dockerfile └── README.md ├── packages-hw-x86_64 ├── Dockerfile └── README.md ├── toolchain-hw-i686 ├── Dockerfile ├── README.md ├── entrypoint.sh └── hello.c ├── toolchain-hw-x86_64 ├── Dockerfile ├── README.md ├── entrypoint.sh └── hello.c ├── toolchain-xen-i686 ├── Dockerfile ├── README.md ├── entrypoint.sh └── hello.c └── toolchain-xen-x86_64 ├── Dockerfile ├── README.md ├── entrypoint.sh └── hello.c /.kickme: -------------------------------------------------------------------------------- 1 | Update me to kick the build 2 | ! 3 | ! 4 | ! 5 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | This repository serves as a source of `Dockerfile`s used for automated builds 2 | of the Rumprun unikernel toolchain and related projects. For details on how to 3 | use these builds refer to the Wiki page at 4 | http://wiki.rumpkernel.org/Howto:-Using-prebuilt-Rumprun-toolchains-with-Docker 5 | 6 | (This is a generic README.md used for all containers built from this 7 | repository. If you need to change the README.md for a specific container please remove the symlink to `../README.md` first.) 8 | -------------------------------------------------------------------------------- /buildbase-alpine/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:latest 2 | MAINTAINER Martin Lucina 3 | RUN apk add --update gcc g++ make libc-dev && rm -rf /var/cache/apk/* 4 | -------------------------------------------------------------------------------- /buildbase-alpine/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /buildbase-debian/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:latest 2 | MAINTAINER Martin Lucina 3 | 4 | # Install build prerequisites. 5 | # ca-certificates is required for git clone https:// to work 6 | # sudo is required for step-up to root 7 | # xorriso, grub-pc-bin and genisoimage are useful for downstream use (rumprun iso) 8 | RUN apt-get update && \ 9 | DEBIAN_FRONTEND=noninteractive apt-get install -q -y \ 10 | --no-install-recommends \ 11 | build-essential \ 12 | ca-certificates \ 13 | genisoimage \ 14 | git \ 15 | grub-pc-bin \ 16 | libxen-dev \ 17 | sudo \ 18 | xorriso \ 19 | zlib1g-dev \ 20 | && apt-get clean 21 | 22 | # Add a non-root user to run the build under, giving them sudo permissions 23 | # to install the built toolchain. 24 | RUN useradd -r -g root --uid=999 -m -d /build -s /bin/bash build && \ 25 | echo "build ALL = NOPASSWD: ALL" > /etc/sudoers.d/build 26 | 27 | # "Docker run" should land in the "build" user. 28 | USER build 29 | -------------------------------------------------------------------------------- /buildbase-debian/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /ci-testing/Dockerfile: -------------------------------------------------------------------------------- 1 | # Test container for CI/notification integration. 2 | FROM mato/rumprun-toolchain-hw-x86_64 3 | MAINTAINER Martin Lucina 4 | 5 | # Build. 6 | RUN x86_64-rumprun-netbsd-gcc -o hello hello.c && \ 7 | rumprun-bake hw_virtio hello.bin hello 8 | 9 | # No sense to "docker run" this container. 10 | CMD ["echo", "This is a CI container, nothing to run here!"] 11 | -------------------------------------------------------------------------------- /ci-testing/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /mirage-toolchain-hw-x86_64/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM mato/rumprun-toolchain-hw-x86_64 2 | MAINTAINER Richard Mortier 3 | 4 | # set some OPAM options 5 | ENV OPAMYES=1 OPAMJOBS=4 6 | 7 | # install `opam`; add `m4` as `ocamlfind` depends on it but has no depext 8 | RUN sudo apt-get update \ 9 | && DEBIAN_FRONTEND=noninteractive \ 10 | sudo apt-get install -q -y --no-install-recommends \ 11 | m4 aspcud opam pkg-config libncurses5-dev \ 12 | && sudo apt-get clean 13 | 14 | # initialise OPAM; add rumprun packages 15 | RUN opam init --comp=4.02.1 --verbose --auto-setup --dot-profile=~/.bashrc \ 16 | && opam repository add rumprun git://github.com/mato/opam-rumprun \ 17 | && opam update 18 | 19 | # install `ocaml-rumprun`; pin and install mirage.2.5.0+rumprun 20 | RUN eval $(opam config env) \ 21 | && RUMPRUN_PLATFORM=x86_64-rumprun-netbsd opam install ocaml-rumprun \ 22 | && opam pin add mirage 2.5.0+rumprun 23 | 24 | # enter the mirage! 25 | COPY entrypoint.sh /build/ 26 | CMD ["/bin/bash", "/build/entrypoint.sh"] 27 | -------------------------------------------------------------------------------- /mirage-toolchain-hw-x86_64/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /mirage-toolchain-hw-x86_64/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cat < 24 | 25 | EOF 26 | exec /bin/bash 27 | -------------------------------------------------------------------------------- /mirage-toolchain-hw-x86_64/rumprun-qemu: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -ex 4 | 5 | case "$1" in 6 | "" ) 7 | echo "you must provide a rumprun .bin image" 8 | exit 1 9 | ;; 10 | 11 | * ) IMAGE=$1 12 | ;; 13 | esac 14 | 15 | PORT=$2 16 | 17 | sudo qemu-system-x86_64 \ 18 | -m 64 \ 19 | -net user,hostfwd=::$PORT-:$PORT \ 20 | -vga none -nographic \ 21 | -kernel $IMAGE.bin \ 22 | -append '{"cmdline": "'"$IMAGE"'.bin"}' 23 | -------------------------------------------------------------------------------- /packages-hw-i686/Dockerfile: -------------------------------------------------------------------------------- 1 | # This container builds the rumprun packages for hw/i686 2 | FROM mato/rumprun-toolchain-hw-i686 3 | MAINTAINER Martin Lucina 4 | 5 | # Install additional build prerequisites. 6 | RUN sudo apt-get update && \ 7 | DEBIAN_FRONTEND=noninteractive sudo apt-get install -q -y \ 8 | --no-install-recommends \ 9 | autoconf \ 10 | automake \ 11 | cmake \ 12 | curl \ 13 | file \ 14 | genisoimage \ 15 | libssl-dev \ 16 | makefs \ 17 | python \ 18 | python-dev \ 19 | python3 \ 20 | python3-dev \ 21 | && sudo apt-get clean 22 | 23 | # List of packages we build. This will eventually just be "world". 24 | # TODO rust: currently only supports x86_64, left out. 25 | # TODO erlang: does not build (see rumprun-packages issues) 26 | ENV BUILD_PACKAGES="mathopd hiawatha leveldb libxml2 pcre mpg123 nginx php ngircd redis mysql roundcube python3 nodejs" 27 | 28 | # Build the packages, using as many CPUs as available. 29 | RUN STDJ=$(cat /proc/cpuinfo | grep '^processor.*:' | wc -l) && \ 30 | git clone https://github.com/rumpkernel/rumprun-packages && \ 31 | cd /build/rumprun-packages && \ 32 | echo "RUMPRUN_TOOLCHAIN_TUPLE=i486-rumprun-netbsdelf" > config.mk && \ 33 | for pkg in ${BUILD_PACKAGES}; do make -j${STDJ} -C ${pkg} || exit 1; done 34 | 35 | # XXX Need to do a make clean-world or similar here which removes the build 36 | # trees and archives, but keeps the built unikernels. 37 | 38 | # No sense to "docker run" this container. 39 | CMD ["echo", "This is a CI container, nothing to run here!"] 40 | -------------------------------------------------------------------------------- /packages-hw-i686/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /packages-hw-x86_64/Dockerfile: -------------------------------------------------------------------------------- 1 | # This container builds the rumprun packages for hw/x86_64 2 | FROM mato/rumprun-toolchain-hw-x86_64 3 | MAINTAINER Martin Lucina 4 | 5 | # Install additional build prerequisites. 6 | RUN sudo apt-get update && \ 7 | DEBIAN_FRONTEND=noninteractive sudo apt-get install -q -y \ 8 | --no-install-recommends \ 9 | autoconf \ 10 | automake \ 11 | cmake \ 12 | curl \ 13 | file \ 14 | genisoimage \ 15 | libssl-dev \ 16 | makefs \ 17 | python \ 18 | python-dev \ 19 | python3 \ 20 | python3-dev \ 21 | && sudo apt-get clean 22 | 23 | # List of packages we build. This will eventually just be "world". 24 | # TODO erlang: does not build (see rumprun-packages issues) 25 | # TODO rust: times out build 26 | ENV BUILD_PACKAGES="mathopd hiawatha leveldb libxml2 pcre mpg123 nginx php ngircd redis mysql roundcube python3 nodejs" 27 | 28 | # Build the packages, using as many CPUs as available. 29 | RUN STDJ=$(cat /proc/cpuinfo | grep '^processor.*:' | wc -l) && \ 30 | git clone https://github.com/rumpkernel/rumprun-packages && \ 31 | cd /build/rumprun-packages && \ 32 | echo "RUMPRUN_TOOLCHAIN_TUPLE=x86_64-rumprun-netbsd" > config.mk && \ 33 | for pkg in ${BUILD_PACKAGES}; do make -j${STDJ} -C ${pkg} || exit 1; done 34 | 35 | # XXX Need to do a make clean-world or similar here which removes the build 36 | # trees and archives, but keeps the built unikernels. 37 | 38 | # No sense to "docker run" this container. 39 | CMD ["echo", "This is a CI container, nothing to run here!"] 40 | -------------------------------------------------------------------------------- /packages-hw-x86_64/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /toolchain-hw-i686/Dockerfile: -------------------------------------------------------------------------------- 1 | # This container builds the rumprun toolchain for hw/i686 2 | FROM mato/rumprun-buildbase-debian 3 | MAINTAINER Martin Lucina 4 | 5 | # All builds are done as non-root. 6 | USER build 7 | WORKDIR /build 8 | 9 | # Build and install the toolchain. 10 | # This must be done in a single layer to avoid ballooning the image size, 11 | # hence the series of "&&". 12 | # It'd be nice if Docker had support for controlling when layers are created, 13 | # wouldn't it? See 14 | # http://jasonwilder.com/blog/2014/08/19/squashing-docker-images/ for possible 15 | # solutions and https://github.com/docker/docker/issues/332 for bikeshed. 16 | # DESTDIR specifies where the toolchain is installed in the container. 17 | # BUILDRUMP_EXTRA is required for an -m32 build. 18 | RUN DESTDIR=/usr/local && \ 19 | BUILDRUMP_EXTRA="-F ACLFLAGS=-m32 -F ACFLAGS=-march=i686" && \ 20 | git clone https://github.com/rumpkernel/rumprun && \ 21 | cd /build/rumprun && \ 22 | git submodule init && git submodule update && \ 23 | ./build-rr.sh -d $DESTDIR -o ./obj hw build -- $BUILDRUMP_EXTRA && \ 24 | sudo ./build-rr.sh -d $DESTDIR -o ./obj hw install && \ 25 | rm -rf /build/rumprun 26 | 27 | # Install a "Hello, World" and build it to verify that the toolchain works. 28 | COPY hello.c /build/ 29 | RUN i486-rumprun-netbsdelf-gcc -o hello hello.c && \ 30 | rumprun-bake hw_virtio hello.bin hello && \ 31 | rm -f hello.bin hello 32 | 33 | # Install a welcome script to give the user a hint about what to do next. 34 | # XXX Can't we just update .profile here and run a login shell? 35 | COPY entrypoint.sh /build/ 36 | # XXX Docker Hub fails this with "chmod: changing permissions of '/build/entrypoint.sh: Operation not permitted" 37 | # RUN chmod +x /build/entrypoint.sh 38 | CMD ["/bin/bash", "/build/entrypoint.sh"] 39 | -------------------------------------------------------------------------------- /toolchain-hw-i686/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /toolchain-hw-i686/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PLATFORM=$(basename /usr/local/bin/*-rumprun-*gcc |sed -e s/-gcc//) 3 | cat < 2 | 3 | int main(int argc, char *argv[]) 4 | { 5 | printf("Hello, World\n"); 6 | return 0; 7 | } 8 | -------------------------------------------------------------------------------- /toolchain-hw-x86_64/Dockerfile: -------------------------------------------------------------------------------- 1 | # This container builds the rumprun toolchain for hw/x86_64 2 | FROM mato/rumprun-buildbase-debian 3 | MAINTAINER Martin Lucina 4 | 5 | # All builds are done as non-root. 6 | USER build 7 | WORKDIR /build 8 | 9 | # Build and install the toolchain. 10 | # This must be done in a single layer to avoid ballooning the image size, 11 | # hence the series of "&&". 12 | # It'd be nice if Docker had support for controlling when layers are created, 13 | # wouldn't it? See 14 | # http://jasonwilder.com/blog/2014/08/19/squashing-docker-images/ for possible 15 | # solutions and https://github.com/docker/docker/issues/332 for bikeshed. 16 | # DESTDIR specifies where the toolchain is installed in the container. 17 | RUN DESTDIR=/usr/local && \ 18 | BUILDRUMP_EXTRA= && \ 19 | git clone https://github.com/rumpkernel/rumprun && \ 20 | cd /build/rumprun && \ 21 | git submodule init && git submodule update && \ 22 | ./build-rr.sh -d $DESTDIR -o ./obj hw build -- $BUILDRUMP_EXTRA && \ 23 | sudo ./build-rr.sh -d $DESTDIR -o ./obj hw install && \ 24 | rm -rf /build/rumprun 25 | 26 | # Install a "Hello, World" and build it to verify that the toolchain works. 27 | COPY hello.c /build/ 28 | RUN x86_64-rumprun-netbsd-gcc -o hello hello.c && \ 29 | rumprun-bake hw_virtio hello.bin hello && \ 30 | rm -f hello.bin hello 31 | 32 | # Install a welcome script to give the user a hint about what to do next. 33 | # XXX Can't we just update .profile here and run a login shell? 34 | COPY entrypoint.sh /build/ 35 | # XXX Docker Hub fails this with "chmod: changing permissions of '/build/entrypoint.sh: Operation not permitted" 36 | # RUN chmod +x /build/entrypoint.sh 37 | CMD ["/bin/bash", "/build/entrypoint.sh"] 38 | -------------------------------------------------------------------------------- /toolchain-hw-x86_64/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /toolchain-hw-x86_64/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PLATFORM=$(basename /usr/local/bin/*-rumprun-*gcc |sed -e s/-gcc//) 3 | cat < 2 | 3 | int main(int argc, char *argv[]) 4 | { 5 | printf("Hello, World\n"); 6 | return 0; 7 | } 8 | -------------------------------------------------------------------------------- /toolchain-xen-i686/Dockerfile: -------------------------------------------------------------------------------- 1 | # This container builds the rumprun toolchain for xen/i686 2 | FROM mato/rumprun-buildbase-debian 3 | MAINTAINER Martin Lucina 4 | 5 | # All builds are done as non-root. 6 | USER build 7 | WORKDIR /build 8 | 9 | # Build and install the toolchain. 10 | # This must be done in a single layer to avoid ballooning the image size, 11 | # hence the series of "&&". 12 | # It'd be nice if Docker had support for controlling when layers are created, 13 | # wouldn't it? See 14 | # http://jasonwilder.com/blog/2014/08/19/squashing-docker-images/ for possible 15 | # solutions and https://github.com/docker/docker/issues/332 for bikeshed. 16 | # DESTDIR specifies where the toolchain is installed in the container. 17 | # BUILDRUMP_EXTRA is required for an -m32 build. 18 | RUN DESTDIR=/usr/local && \ 19 | BUILDRUMP_EXTRA="-F ACLFLAGS=-m32 -F ACFLAGS=-march=i686" && \ 20 | git clone https://github.com/rumpkernel/rumprun && \ 21 | cd /build/rumprun && \ 22 | git submodule init && git submodule update && \ 23 | ./build-rr.sh -d $DESTDIR -o ./obj xen build -- $BUILDRUMP_EXTRA && \ 24 | sudo ./build-rr.sh -d $DESTDIR -o ./obj xen install && \ 25 | rm -rf /build/rumprun 26 | 27 | # Install a "Hello, World" and build it to verify that the toolchain works. 28 | COPY hello.c /build/ 29 | RUN i486-rumprun-netbsdelf-gcc -o hello hello.c && \ 30 | rumprun-bake xen_pv hello.bin hello && \ 31 | rm -f hello.bin hello 32 | 33 | # Install a welcome script to give the user a hint about what to do next. 34 | # XXX Can't we just update .profile here and run a login shell? 35 | COPY entrypoint.sh /build/ 36 | # XXX Docker Hub fails this with "chmod: changing permissions of '/build/entrypoint.sh: Operation not permitted" 37 | # RUN chmod +x /build/entrypoint.sh 38 | CMD ["/bin/bash", "/build/entrypoint.sh"] 39 | -------------------------------------------------------------------------------- /toolchain-xen-i686/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /toolchain-xen-i686/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PLATFORM=$(basename /usr/local/bin/*-rumprun-*gcc |sed -e s/-gcc//) 3 | cat < 2 | 3 | int main(int argc, char *argv[]) 4 | { 5 | printf("Hello, World\n"); 6 | return 0; 7 | } 8 | -------------------------------------------------------------------------------- /toolchain-xen-x86_64/Dockerfile: -------------------------------------------------------------------------------- 1 | # This container builds the rumprun toolchain for xen/x86_64 2 | FROM mato/rumprun-buildbase-debian 3 | MAINTAINER Martin Lucina 4 | 5 | # All builds are done as non-root. 6 | USER build 7 | WORKDIR /build 8 | 9 | # Build and install the toolchain. 10 | # This must be done in a single layer to avoid ballooning the image size, 11 | # hence the series of "&&". 12 | # It'd be nice if Docker had support for controlling when layers are created, 13 | # wouldn't it? See 14 | # http://jasonwilder.com/blog/2014/08/19/squashing-docker-images/ for possible 15 | # solutions and https://github.com/docker/docker/issues/332 for bikeshed. 16 | # DESTDIR specifies where the toolchain is installed in the container. 17 | RUN DESTDIR=/usr/local && \ 18 | BUILDRUMP_EXTRA= && \ 19 | git clone https://github.com/rumpkernel/rumprun && \ 20 | cd /build/rumprun && \ 21 | git submodule init && git submodule update && \ 22 | ./build-rr.sh -d $DESTDIR -o ./obj xen build -- $BUILDRUMP_EXTRA && \ 23 | sudo ./build-rr.sh -d $DESTDIR -o ./obj xen install && \ 24 | rm -rf /build/rumprun 25 | 26 | # Install a "Hello, World" and build it to verify that the toolchain works. 27 | COPY hello.c /build/ 28 | RUN x86_64-rumprun-netbsd-gcc -o hello hello.c && \ 29 | rumprun-bake xen_pv hello.bin hello && \ 30 | rm -f hello.bin hello 31 | 32 | # Install a welcome script to give the user a hint about what to do next. 33 | # XXX Can't we just update .profile here and run a login shell? 34 | COPY entrypoint.sh /build/ 35 | # XXX Docker Hub fails this with "chmod: changing permissions of '/build/entrypoint.sh: Operation not permitted" 36 | # RUN chmod +x /build/entrypoint.sh 37 | CMD ["/bin/bash", "/build/entrypoint.sh"] 38 | -------------------------------------------------------------------------------- /toolchain-xen-x86_64/README.md: -------------------------------------------------------------------------------- 1 | ../README.md -------------------------------------------------------------------------------- /toolchain-xen-x86_64/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PLATFORM=$(basename /usr/local/bin/*-rumprun-*gcc |sed -e s/-gcc//) 3 | cat < 2 | 3 | int main(int argc, char *argv[]) 4 | { 5 | printf("Hello, World\n"); 6 | return 0; 7 | } 8 | --------------------------------------------------------------------------------